STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 2 days ago

New blog articles detected

  • Attack Mapping with BloodHound

    AD Attack #2 – Local Admin Mapping Once an attacker has established a foothold inside your domain, their primary objective is to compromise their target as quickly as possible without detection. Whether the target is sensitive data stored on a file server or compromising a Domain Admin account, the attacker must first formulate a plan of attack. This often involves strategic lateral moves througho...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • Market Trends: Preparing Now – EU General Data Protection Regulation (GDPR)

    At the RSA Conference 2017 in San Francisco, CA we were able to survey more than 300 security professionals. One of the survey questions was, “Is your organization preparing for the EU General Data Protection Regulation (GDPR)?” 67% of respondents said that their organizations were preparing. Regulatory Compliance Standards Regulatory compliance standards such as PCI-DSS, HIPAA, and SOX are simply...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • Configure Criteria to Meet Compliance Standards

    With the EU General Data Protection Regulation (GDPR) looming, it is important to understand how to configure groups of criteria to the compliance standards your organization is concerned about most. StealthAUDIT’s Sensitive Data Discovery allows you to identify file content that matches your set criteria. This can be done for keywords or regular expressions, as well as groups of any of those crit...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • Performing Domain Reconnaissance Using PowerShell

    AD Attack #1 – LDAP Reconnaissance The first thing any attacker will do once he gains a foothold within an Active Directory domain is to try to elevate his access. It is surprisingly easy to perform domain reconnaissance using PowerShell, and often without any elevated privileges required. In this post, we will cover a few of the different ways that PowerShell can be used by attackers to map out y...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • 4 AD Attacks and How to Protect Against Them

    I was speaking with an Active Directory Security Engineer from a large, global pharmaceutical company recently and asked him the most classic question in the Product Management handbook: “What keeps you up at night?” So cliché (I know), but sometimes instead of an eye roll, you get a real gem, which is exactly what happened. He said, “We’ve got a lot of good protections in place and run a pretty t...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • 10 Security Risks Almost Everyone Has

    If you’re responsible for the management and security of an Active Directory (AD) or Windows infrastructure, you already know you’ve got a tough job.  And with thousands of configurations and potential conditions to worry about across dozens of AD and Operating System (OS) versions, where do you even begin an effort to address your most at-risk conditions?  What are they to begin with?  If you’re ...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • Market Trends: AD Security Assessment and Rollback and Recovery

    AD Security Assessment Active Directory security is a hot topic. Some security professionals have made their living by uncovering vulnerabilities in directory services. Take for instance, Sean Metcalf at ADSecurity.org. He has an entire blog focused on Active Directory security. What tends to be lacking, however, is an easy-to-follow Security Assessment that highlights critical areas of concern in...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • STEALTHbits ProTip: Model Access Changes with Confidence

    Modeling access changes before enabling them allows you to clean up access with confidence. The Access Information Center makes this simpler than ever with easy-to-understand visuals and the ability to commit these changes on the spot. First, we’ll look at the Effective Access report on my PreSales Engineering Share. As you can see, Chris still has access although his account is disabled. In this ...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • Top 10 Data Security Sessions at the RSA Conference 2017

    It is that time of year again, time to get our bags packed and head to San Francisco for the RSA Conference. This year’s theme is the Power of Opportunity–which is a fitting theme for most security companies as they move toward partnerships that benefit end users. As a cybersecurity company that focuses on credentials and data, we thought it would be helpful to select a top 10 list of data securit...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 2 months ago

New blog articles detected

  • Market Trends: 2017 Cybersecurity Trends

    2017 – A New Hope Protecting your company in 2017 should start from the inside out. Organizations have spent the last decade securing the perimeter from external threats with a fair amount of success. However, in the last couple years one of the most serious threats to cybersecurity stepped to the fore: the Insider.  StaySafeOnline.org recently highlighted the importance of training more of your e...

  • STEALTHbits ProTip: Maximize Your StealthAUDIT Investment with Reporting

    This month I’d like to touch on a fairly unknown usability feature within StealthAUDIT. The Reports Only mode allows the console to be run without risk of triggering any collections or affecting any already existing data sets. There is an underused (but very useful) command line switch that allows you to run StealthAUDIT so that it can only generate reports. When run in Reports Only mode the Query...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 2 months ago

New blog articles detected

  • 5 Challenges with Combining Data Access Governance and Identity Access Management

    In a recent webinar, I discussed the five challenges that are faced when combining Data Access Governance and Identity and Access Management. The Identity Access Management Blindspot Unstructured data represents a significant risk for every organization. The files spread across file systems, SharePoint sites, and cloud applications continue to grow at a rapid pace, making it difficult to enforce p...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 2 months ago

New blog articles detected

  • 5 Cybersecurity Trends for 2017

    It’s December, the holidays are upon us, and it’s that time of the year for the proverbial “2017 predictions” blog. Not to be left out of all the fun, we went around to a few of our resident industry experts here at STEALTHbits to get their opinions of what trends will emerge in the New Year within the world of cybersecurity. Check out what they had to say: Trend #1 – Create a Cybersecurity Talent...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 3 months ago

New blog articles detected

  • Best Practices for Auditing Active Directory

    Some years ago I worked as a software implementation consultant in the public sector. An IT Director pulled me into his office one day to ask about my team’s ERP deployment. After I answered his questions he said, “That all sounds fine. What isn’t so fine is the state of my Active Directory.” He proceeded to show me thousands of stale accounts across agencies, as well as global access rights that ...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 3 months ago

New blog articles detected

  • Optimizing Your Data Governance Strategy for EU GDPR

    With European Union General Data Protection Regulation (EU GDPR) set to take effect on May 25, 2018, the proper handling of personal data is more critical than ever. Last April, my colleague, Mark Wilson, explained exactly how the new regulations will impact US and multi-national companies that process personal data of EU citizens. Among the highlights are breach notification within 72 hours and a...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 3 months ago

New blog articles detected

  • STEALTHbits ProTip: Defending Against Ransomware in 2017

    With the close of 2016 approaching, I looked back and realized that Ransomware could have been the subject of my ProTip every month this year! Not only has it been regularly grabbing headlines throughout the last twelve months, but I’m sure 2017’s threat-surface will be subject to even more attacks. And while I’ve already provided tips on ransomware twice, this time I’d like to talk about the meth...

  • Market Trends: Don’t Be Your Own Worst Enemy

    The year 2016 is being called the Year of the Breach. A recent study by the Ponemon Institute shows that two-thirds of organizations affected by a cyber breach are unable to recover from the attack. Imagine these organizations – so many of them – ceasing to operate one by one as wanton and malicious cyber-attacks damage their critical infrastructure, reveal operational strategies or trade secrets ...

STEALTHbits Technologies

Category: Content
Type: Youtube Video

Generated 4 months ago

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 4 months ago

New blog articles detected

  • 5 Steps for Adopting Privileged Local Account Auditing Best Practices

    In listening to Brad Bussie’s recent webinar, I learned that securing privileged access is a complex and serious problem for organizations of any size. In a recent cybersecurity study by Praetorian, they ranked privileged system access among the top five most prevalent threats to corporate data. Why? Because system-level access has sprawled significantly over the years and most organizations have ...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 4 months ago

New blog articles detected

  • Take Action Against Ransomware

    After identifying nefarious activity on your file servers, whether it’s massive data theft or activity associated with ransomware, taking action is the next step. StealthINTERCEPT v4.0 now gives us the tools to automatically Lockdown those critical file areas once the rule for the File System Attacks Analytic is met. Let’s get started. First, we need to select the File System Attack Analytic, then...

  • Eliminate the Threat of Ransomware

    Knowledge and understanding are everything in the fight against ransomware, so before we go any further, you should check out these two previous STEALTHbits blog posts: Protecting against Ransomware The five most prevalent threats to corporate data Understanding the basics of how ransomware works and the motivations behind it is essential to fight the threat. And yet, even after so many high profi...

  • Ransomware: Get to the Point.

    The proliferation of ransomware continues apace, which is no surprise given the motivation is monetary.  Wherever there’s something of value that can be exploited, it will be exploited. Every organization has to take the threat of ransomware seriously and address the risk head-on. Where do you start?  You start with the basics: understanding what’s at risk and key ways to protect it.  What’s at ri...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 4 months ago

New blog articles detected

  • The “Five Most Prevalent Threats to Corporate Data”

    Of the hundreds (if not thousands) of blog posts and news articles published about cybersecurity every week, occasionally you come across a gem like this post by Kevin Jackson on Sys-Con.com called “For Top Cyber Threats, Look in the Mirror”. I highly suggest you give it a read -> http://news.sys-con.com/node/3943325 To break it down simply, Jackson’s article focused on a recent report released by...

  • Effective Nested Group Membership Changes

    Real-Time Auditing of the Classic Insider Threat A Russian Nesting Doll?  What a bizarre choice of image to accompany a technology blog, you may think.  In the same way that you can’t determine what is contained within a nest of Russian Dolls, without opening them up, Active Directory doesn’t reveal exactly who is a member of a group if that membership is through group nesting. StealthINTERCEPT 4....

  • StealthAUDIT Feature Pack: Best Practice Reports Now Available for Active Directory, Desktop and Server Infrastructure

    StealthAUDIT is offering an exciting update on Wednesday with its first official Feature Pack. In this first feature pack, we are focusing on Active Directory and Systems Best Practices for Security and Operations. Let’s look at each in more detail. Active Directory Best Practices Active Directory (AD) provides authentication and authorization services for the majority of IT systems. AD is growing...

  • Operations and Security: An Amicable Separation?

    Active Directory Operations and Security As the primary authentication and authorization service for the majority of IT systems, the importance of Microsoft’s Active Directory (AD) cannot be understated. Over time, AD has grown increasingly complex, less secure, and more difficult to manage, resulting in a growing problem for organizations large and small. Given its importance, AD is often viewed ...

  • Increase Insight into Your Active Directory Environment

    StealthAUDIT for Active Directory provides reporting features that give you great insight into your directory environment, but is there more usable information in a report than what is displayed by default? Yes. Most StealthAUDIT Jobs collect and record additional information that is not necessarily included in the default presentation of reports. However, recent improvements to the report interfa...

  • Version 4.0 of StealthINTERCEPT is now available

    StealthINTERCEPT v4.0 is now generally available and it’s loaded with exciting new features and enhancements for every StealthINTERCEPT user to leverage, including: Authentication Blocking Operation-level Monitoring for Exchange Mailboxes Automatic File System Activity Blocking Learn more by watching this brief video:   StealthINTERCEPT Customers: Contact support@stealthbits.com with questions or ...

  • 5 Steps for Cleaning up Active Directory

    Brad Bussie presented a great webinar a couple weeks ago and laid out a simple, straightforward 5-step plan for  Active Directory (AD) Clean-up.  We’ve gotten so much positive feedback on his webinar, that I thought I summarize some of the key takeaways for those of you who weren’t able to attend.  (You can also listen to an on-demand replay of the webinar here.) For many organizations, Active Dir...

  • Microsoft Exchange, Operation-Level Auditing: Auditing the Insider Threat

    Do you have sensitive data in your Exchange mailbox? What would happen if your mailbox was accessed with malicious intent? The first step to mitigating your risk is to know if an unauthorized person has accessed your mailbox.  You don’t need to know what the burglar is trying to steal to know they’re in your house.  The next question, however, is not who, but what. In my previous blog post about m...

  • Market Trends: ‘Millions of Email Accounts Compromised…’

    ‘Millions of Email Accounts Compromised…’ – The Daily Telegraph (UK), May 2016 This was the headline in a UK news outlet discussing a ‘…massive data breach that includes Google and Yahoo’.  It’s a catchy headline for sure. However, the line that really caught my attention was from the lead paragraph: ‘More than 270 Million email accounts with major providers around the world have been compromised…...

  • STEALTHbits ProTip: Identifying Non-Owner Exchange Activity

    Need visibility into the mailbox activity by anyone other than the owner of a specific mailbox? In this ProTip, you will learn how to view Exchange Activity within StealthINTERCEPT and how to scope the policy to view only Non-Owner activity. Once you are licensed for Exchange Activity, you will need to ensure that you have agents deployed to all Exchange Role Hosts (HUB, CAS, & MBX). This is done ...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 5 months ago

New blog articles detected

  • Has My Information Been Compromised? Probably!

    It’s your worst fears come true. You try to log onto your LinkedIn account. Maybe it’s Tumblr or even your Dropbox profile. Perhaps you’ve been thawed out after being cryogenically frozen for the last 10 years and attempt to access a new, Tom-less Myspace. But all of them return an error. Your password has been changed. Spam messages start flowing from your hijacked account, flooding your news fee...

  • 5 Steps to Building a Successful Data Access Governance (DAG) Program

    In listening to Adam Rosen’s recent webinar, I learned that nearly 60 percent of security breaches involve the theft of unstructured data.[i] And, only 12 percent of organizations are confident they can detect a breach involving unstructured data.[ii] Given that 80% of an organization’s data is unstructured,[iii] is it any wonder a hacker was able to steal login credentials and personal informatio...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 6 months ago

New blog articles detected

  • Political Hacks (The Cyber Kind): Colin Powell and the DNC

    In politics, information is power. Just one small comment or suggestion from a candidate or figure held in high esteem can potentially sway entire elections. Politicians also hold access to a treasure trove of sensitive information, not intended for the masses. That’s why Hillary Clinton’s private server fiasco is such a big deal in the eyes of many. But with the leaks of the Democratic National C...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 6 months ago

Out-Market Your Competitors?

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account Log in

Out-Market Your Competitors

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account

Already a user?  Log in